(57) Abstract

A system and method is provided for managing a network using business information based on data from the
network elements, where the data includes real time data. One preferred embodiment of the present invention
comprises a method for managing a network having a network element. First, a real time variable of the
network element is selected for dynamic monitoring in a cell (420) on a spreadsheet (414). Next, the real
time variable is measured. And then the measured real time variable is used, for example, displayed, in
the cell (420). In addition, the measured real time variable can be combined with other business data (416)
to form a flexible business analysis application (412).

A Method and System for Dynamic Business Management of a Network

FIELD OF THE INVENTION

The invention relates generally to the field of management of a network, and in 
particular to the management of a network using business information and more particularly to 
management of a Virtual Private Network (VPN). 

BACKGROUND OF THE INVENTION

Decades ago, management of networks, specifically computer networks, was mostly
technically oriented. A Network Operations Center (NOC) was the focus of maintaining and
expanding the network. The business people were provided with summarized information based
on historical data and in some aspects considered ancillary to managing the network. With the
rapid advances in technology and the expansion of the Internet, there has been a great increase in
the numbers of network service providers that compete for customers. Thus both customers and
service providers are placing greater and greater emphasis on business management, for example,
the cost versus the benefit of a network addition or change. In order to provide a framework on
how the business of a network is managed, the telecommunications industry developed the
Telecommunications Management Network (TMN) Reference model.

FIG. 1 is a diagram of the TMN model of the prior art. The TMN model typically
has five layers, starting with the network element layer 112 and followed by four management
layers. Each layer provides a set of capabilities to the upper layers and imposes a set of
requirements on the lower layers. The TMN model is shaped like a pyramid because going down
the layers increases the amount and technical content of the information, while going up the
pyramid concentrates the information into higher levels of abstraction. The bottom layer is the
Network Element Layer 112 and includes the actual hardware, e.g., routers, switches, hosts, and
servers.

The Element Management layer 114 covers processes that manage the individual
network element, e.g., monitoring performance and detecting faults. Typical protocols used in
element management layer 114 are the Simple Network Management Protocol (SNMP) or
Common Management Information Protocol (CMIP). These protocols allow monitoring and
control of an individual network element which has stored on it a Management Information Base
(MIB). A majority of "networkmanag^
network element management systems within this layer 116.

The Network Management Layer 116 is concerned with the management of the
network as a whole, for example, the creation and supervision of a VPN connection (i.e., an
end-to-end path). Hence, for example, alarms detected on individual network elements are not
merely displayed against that individual network element, but are also propagated to show what
paths and circuits are affected by the fault.

The Service Management Layer 118 maintains the network. As faults arise this
layer 118 may direct the Network Management Layer 116 to reroute some paths to minimize the
disruption to the network. This layer 118 includes the reporting to the customer of faults, service
recovery time, and considering needs for services of different types.

The Business Management Layer 120 is used to monitor and plan the business
activities and economy of the entire enterprise, resulting in decisions affecting the lower levels.
This layer 120 includes the process of sales negotiations, including the establishment of Service
Level Agreements (SLAs), ordering and billing, trade-offs between investment versus benefits to
the network, allocation of resources, and providing service status information to customers.

While business management is now at the top of the pyramid in the TMN model,
the business people still get information about the actual hardware that has been abstracted and
filtered by lower management layers. Thus there is still the disadvantage that the Business
Management Layer 120 is constrained in manipulating the raw data from the Network Element
Layer 112. In addition the data the Business Management Layer 120 reviews is still historical.
In today's intensely competitive environment, being one step behind is a great disadvantage.

The problems discussed above for a general network also apply to a Virtual Private
Network (VPN). The VPN is an intranet superimposed on the Internet infrastructure. This has
cost savings to the business customer by reducing the infrastructure costs normally needed to
maintain a dedicated network, and at the same time having the security of an intranet.

FIG. 2 is a network diagram illustrating a VPN of the prior art. A local area
network (LAN) 212 is connected to another LAN 216 via the Internet 214. The two LAN's 212
and 216 are two parts of one private ne^
the LAN into an outer packet of the VPN, the inner packet is opaque to the network, e.g., Internet
214 over which the inner packet is routed. This is called "tunneling." For example, a data packet
from LAN 212 reaches a router 220 which has VPN functionality and is encapsulated in an outer
packet. The source address of this packet is router 220 and the destination address router 236.
The outer packet is sent over the Internet via link 222 to router 224 to link 226 to router 228 to
link 230 to router 232 to link 234 to destination router 236. Router 236 then strips off the outer
packet for delivery in LAN 216. From the viewpoint of the two LANs 212 and 216 there is a
virtual direct path, i.e., tunnel, between routers 220 and 236. From the Internet point of view, if
link 226 goes down, the packet can be re-routed via links 240, 244, 248, and 234. Thus the
advantage to the customer is ase^
service provider is flexibility.



VPN protocols can be mapped to the Element Management Layer 114 and the
Network Management Layer 116. The SNMP protocol is applicable to the Element Management
Layer 114. The IPsec or security protocol is applicable to the Network Management Layer 116.
IPsec provides the secure tunnel between, e.g., source router 220 and destination router 236.



Since the TMN model is used for a VPN, there are the same problems as using a
typical IP Network. The business people still have access problems to the Network Element
Layer's data, especially real-time data. Thus there is a need in both general IP networks, as well
as, more specifically VPNs, for the Business Management Layer to have direct access to the Network
Element Layer data in addition to the information from the other layers of the TMN model.

SUMMARY OF THE INVENTION

The present invention provides a system and method for managing a network using
business information based on data from the network elements, where the data includes real time
data. In addition, the real time data can be combined with other business data to form a flexible
business analysis application. One preferred embodiment of the present invention comprises a
method for managing a network having a network element. First, a real time variable of the
network element is selected for dynamic monitoring in a cell on a spreadsheet. Next, the real time
variable is measured. And then the measured real time variable is used, for example, displayed,
in the cell.

Another embodiment of the present invention comprises a method for displaying
real time data from a network element on a display at a client computer, wherein the client computer
is connected to a server via a public communications network, for example the Internet. First, the
display shows a spreadsheet having a plurality of cells. A real time variable is assigned to a cell
of the plurality of ce^ ^
a dynamic update of the real time variable is received via the server from the network element.
The dynamic update is displayed in the spreadsheet.



Yet another embodiment of the present invention comprises a server system for
managing a network device, wherein the server system is connected to a client computer executing
software in an Internet browser. The software is stored in a computer readable medium. The
server system comprises: a network interface for receiving from the software a request to monitor
a measurable variable of the network element; a data monitor module for periodically monitoring
the measurable variable; and a live update module for sending changes to the measurable variable
to the software.



An aspect of an embodiment of the presen^
data for access by an application program being executed on a computer. The memory comprises
a data structure stored in the memory, where the data structure comprises a plurality of data
objects for use by the application program. The plurality of data objects comprises: an asset data
object comprising a physical or logical asset; a profile associated with the asset data object for
describing the physical or logical asset; and a value comprising a measured value of the asset data
object for dynamically updating the value to the application program.

Another aspect of the present invention comprises a method for dynamically
managing a network using business information, where the network includes a network device.
First a real time variable is selected to be dynamically monitored based on a condition in a legal
agreement, for example, a Service Level Agreement (SLA). Next, the real time variable is
measured using the Network element. And then using the measured real time variable, the
condition in the legal agreement is checked for compliance.

Yet another aspect of the present invention comprises a method, using a computer
display, for a dynamic sales presentation of a network. A sales display is presented, comprising a
real time variable of the network, to a customer. During the presentation, the real time variable
is updated by measuring a network element of the network and the updated real time variable is
displayed to the customer.

These and other embodiments, features, aspects and advantages of the invention
will become better understood with regard to the following description, appended claims and
accompanying drawings.



BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a diagram of a TMN model of the prior art;

FIG. 2 is a network diagram illustrating a VPN of the prior art;

FIG. 3 is a modified TMN model of an embodiment of the present invention;

FIG. 4 is a spreadsheet displayed in a browser window of an embodiment of the
present invention;

FIG. 5 is a window including graphical representations of the data in a cell of the
spreadsheet of FIG. 4 of another embodiment of the present invention;

FIG. 6 is a flowchart of the set-up process for displaying real time data of an aspect
of the present invention;

FIG. 7 is a block diagram of a client-server architecture used in one embodiment
of the present invention to provide a Web based network management environment;

FIG. 8 is a data model of the Asset database of one embodiment of the present
invention;

FIG. 9 is a flowchart expanding on step 614 of FIG. 6 for the specific case of
monitoring a network or device data source of an aspect of the present invention; and

FIG. 10 is a simplified VPN illustrating another aspect of the present invention.

DETAILED DESCRIPTION OF THE INVENTION

In the following description, numerous specific details are set forth to provide a
more thorough description of the specific embodiments of the invention. It is apparent, however,
to one skilled in the art, that the invention may be practiced without all the specific details given
below. In other instances, well known features have not been described in detail so as not to
obscure the invention.

In today's fast paced environment the business layer gets little if any real time
information from the network, especially from the network elements which are directly responsible
for the customer getting his/her data. The TMN model assumes business people, especially
salespersons, are unsophisticated technically and can perform their function by use of analyses of
historical data. However, with the explosion of communication technology, business people are
much more technically proficient and do not necessarily need all the data filtering of the TMN
lower management layers. Such filtering is also disadvantageous since the business people may
need to view or combine the raw data in a different way for business analysis. For example, the
customer may want to monitor the delay through a particular V^
provider is keeping below a minimum delay as specified in the SLA. If not, there may be certain
penalty provisions which may be triggered. Hence the delay is viewed from a business rather than
a technical perspective.

FIG. 3 is a modified TMN model of an embodiment of the present invention. The
modified model has the same first four layers as FIG. 1, the Network Element Layer 312, the
Element Management Layer 314, the Network Management Layer 316 and Service Management
Layer 318. The Business Management Layer 320 in FIG. 3 has been expanded to include real time
data from the Network Element Layer 312 (direct connection 330), the Element Management
Layer 314 (direct connection 332), and the Network Management Layer 316 (direct connection
334). In one embodiment of the present invention a network element, e.g., router, switch, hub,
gateway, host, server, or PC, has stored on it a MIB. A server requests real time information, e.g.,
CPU usage, from the MIB using the SNMP protocol. The real time information is then displayed
in a form that a business user can easily understand, such as a spreadsheet, e.g., Microsoft® Excel
of Microsoft Corporation. The spreadsheet includes a plurality of cells, where each cell may
include text, a number, a formula, etc.

FIG. 4 is a spreadsheet 412 displayed in a browser window 410 of an embodiment
of the present invention. The spreadsheet 412 has a plurality of columns 414, e.g., "A," "B," "C,"
"D," "E," "F," "G," and "H," and a plurality of rows 416, e.g., 1 to 13. The cells for the columns A to
F of row 1 have the text labels: "Customer Name," "VPN Name," "Origination," "Termination,"
"Subscribed Bandwidth (bps)," "Current Bit Rate (Kbps)," respectively. Row 2 columns A to F
show an example of a customer: "AOL TIME WARNER INC.," a VPN tunnel: VPN1, the
origination or source of the VPN tunnel: "TOKYO," the termination or destination of the VPN1:
"SENDM," the subscribed bandwidth: "1540000," and the current (real time) bit rate 420: "354.76
Kbps." Although not shown^
time value of the bit rate of VPN1.

Users of the spreadsheet of FIG. 4 can either use separately or in combination the
static data they entered and/or the real time data sources they define to form cells on the
spreadsheet. From these data cells, they can do further analysis by using those cells as a base to
define formulas and calculations in new cells. An embodiment of the present invention provides
a list of real time measured and historical variables, which the user can combine in customized
formulas. These formulas are stored on the user's machine or on a secure place on the server to
be accessible by the user alone. Thus an aspect of this invention is to provide a list of commonly
used measured and historical variables to all users with each user developing their own business
analysis formulas. In addition customized measured values can be developed for each user.

A business action can be defined in a cell to send out notification to the user or
other designated person, via, e.g., email or telephone call. The business action is triggered when
a user set condition is met. For example, when the current bit rate 420 is within a set amount of
the subscribed bandwidth 422, an email is sent to the customer indicating that they might want to
purchase more bandwidth from the service provider.

FIG. 5 is a window including graphical representations of the data in a cell of the
spreadsheet of FIG. 4 of another embodiment of the present invention. The window of FIG. 5 is
displayed when, for example, the current bit rate cell 420 is selected in FIG. 4. A graph showing
the VPN link 514 between Osaka 512 and Tokyo 516 is shown at the top of the window. The link
in one embodiment changes color depending upon its status. For example, when the current bit
rate 420 goes above (or in other examples, goes below) a certain threshold the link turns yellow,
otherwise it is green. A table 520 shows information associated with the link's origination or
source 532 and termination or destination 534, such as, address 522, subscribed bit rate 524, VPN
name 526, company name 528, and IP address 530. There are two graphs 540 and 550 showing
the VPN bit rate (y-axes 542 and 552 in Kbps) for a daily (hourly x-axis 544) and a weekly (daily
x-axis 554) period, respectively. fo^
a yearly (monthly x-axis) period(s) can also be shown.

FIG. 6 is a flowchart of the set-up process for displaying real time data of an
embodiment of the present invention. At step 610 a cell is selected from the spreadsheet which
is to be associated with a real time variable. Next a real time variable from a list of real time
variables of a Network element is selected (step 612). At step 614 the real time data is monitored
from the Network element and the updates posted to the variable. The real time variable is stored
in memory for historical use, e.g., averaging, (step 616) and displayed in the spreadsheet cell
and/or on a graphical representation (step 618).

FIG. 7 is a block diagram of a client-server architecture used in one embodiment
of the present invention to provide a Web based network management environment. From
anywhere on the Internet^
at the client computer. The user can simply type in what they want to see on the spreadsheet and
define formulas or calcu^
a user to define data, behavior, format, and source of the real time data in one or more cells in the
spreadsheet. A spreadsheet defined by user can be saved to a server, which allows the user to
retrieve the spreadsheet from anywhere the client can be executed. Different users only see their
own created sheets. In another embodiment different users can view each others' sheets.

In designing the spreadsheet, the user can define a data source in their spreadsheet
in the browser. In executing the spreadsheet, through the definition, the server binds the cell to
a data connector. Upon any subscribed data change, a live update will be sent to client from the
server through a secure connection. The real-time feed may come from a variety of data sources.
This includes network elements/devices 718 (e.g., routers), Network Management and Element
Management systems (NM/EM Systems 720), database systems 722 and Enterprise Information
Systems (EAI Systems 716). Users can pull or push data from/to all these sources and customize
their spreadsheet, providing various views of the same data. For example, the Sales Department
may create their own spreadsheets to monitor new business opportunities to maximize the revenue,
a Network Operations Center may be interested in Packet Drops etc. and the end customer may
be interested in the impact on their SLA or Utilization.

FIG. 7 comprises: a client running on a user's computer with Web access, e.g., Web
client computers 724 and 726; a server computer 712; a plurality of data sources, e.g., EAI
Systems 716, Network Devices 718, NM/EM Systems 720, and Databases 722; and an Asset
database 714. The Web client computers are connected to the server 712 which is in turn
connected to the data sources and the Asset Database 714. The server 712 comprises: a
Processing Engine 740, Data Conne^ ^
a Management module 733, a Live Update module 734, a Security Module 744, a Rules Engine
743, a Messaging module 742, a Data Monitor m^
module 744 provides user authentication, role based authorization and digital encryption of any
data transfer. The security module 744 defines the user profile and permissions. The Rules Engine
743 maintains the business rules that are triggered when the data, real time and/or static, meet a
user defined condition, e.g., exceed a threshold or cause an event to occur.

The client is software using the most popular desktop application, the Microsoft®
Excel Spread Sheet component, and runs on a Web client computer, e.g., 724 and 726. The
spreadsheet runs within a web browser and can pull data fr^^
Users can use standard Excel formulas to manipulate this real-time data and save their individual
applications on the server 712. Clients can also specify actions to be taken when a particular data
change or event occurs. These actions can vary from sending
processes.



The server 712 is a high performance, distributed, multi-threaded computer, which
can pull data from various data sources varying from real-time network to Enterprise Information
Systems, and the server can directly update interested clients. A user selects from a list of real time
variables for a data source, e.g., a source edge router from the Measurement Libraries 730. The
Data Monitor module 732 then monitors the router and then sends via the Live Update module
734 an update to the user when the data changes. The server 712 maintains a secure connection
between the client and the server, and whenever the data change occurs, the server will send the
update using this channel. The Data Monitor module 732 also monitors the data source even when
the user is not currently logged into the system and may process those data changes for various
actions. For example, the Data Monitor module 732 may automatically trigger the messaging
module 742, when a threshold is exceeded. Also, the server 712 can update the data source, if it
is allowed to be updated.

The Management Module 733 includes the control of various assets. For example:
user management including adding, modifying, and deleting users and their profiles; server
management, including startup, shutdown, back-up, etc.; network management, including
controlling the Network elements and EAI systems; and database management of the Asset
Database 714. The Network Devices 718 can be controlled through use of SNMP.

A set of measurement libraries 730 provide the various characteristics to be
measured on the network. This comprises utilization, packet drop, jitter, delay, bit rate, etc. on
IP and VPN networks. These measurements are done at real-time and clients may correlate these
measurements to data from other data sources like customer information from an EIS system.

The Query Engine 746 provides a sophisticated query generation tool. This query
generation works with the subscription mechanism to identify the database related data sources
the user is interested in. The user provides only a high-level, logical information in their own
particular term^^
The Query Engine 746 then maps this subscription information onto physical tables, views and
columns and generates dynamic queries.



The Asset Database 714 is indexed by asset. An "asset" includes a physical asset,
e.g., router, cable, computer, and a logical asset, e.g., VPN service, IP address, performance of
a network link. Each asset has associated with it a profile and values, including measured values.
An example is given in Table 1 below:

Asset: Service
  Profile: User Name; Service Type; Location; Subscribed SLA; Subscribed Bandwidth; Service In/Out
  Value: Revenue; Profit; SLA Status; Security Status

Asset: Router
  Profile: Equipment Type; Location; IP Address; Port Number; Bandwidth
  Value: Bit Rate; Bandwidth Utilization; Router Load (CPU/Memory); MTTR/MTBF

Asset: IP Address
  Profile: Total Address Pool; Blocked Address; Location
  Value: Used/Not-used; Block Availability; Duration of Use



FIG. 8 is a data model of the Asset database of one embodiment of the present
invention. The Asset Database 714 can be implemented as a relational or object oriented database
or a combination thereof. The main focal point of the database is the asset object LI_ASSET 810.
Associated with the asset object are a plurality of characteristics, including measured values such
as bit rate (LI_BITRATE), delay (LI_DELAY), packet loss (LI_PACKETLOSS), jitter
(LI_JITTER) and so on.

FIG. 9 is a flowchart expanding on step 614 of FIG. 6 for the specific case of
monitoring a network or device data source of an embodiment of the present invention. At step
910 a real time variable from the Measurement Libraries 730 is selected to have its associated
network element, i.e., asset, polled by the server 712. An SNMP request is sent by the server 712
to the MIB stored on the network element (step 912). The network device responds by sending
the requested data back to the server 712. The Processing Engine 740 then may use a formula to
9,4) «^9 16 »u P ^i^t^cae«vi», h av e upd«^.734, if *eva n ^^
^ftthenawortele.**. TbeRul e E n ^734i S »toche=kedt 0 Urnd**********"
been triggered.

FIG. 10 is a simplified VPN illustrating an embodiment of the present invention.
A user device 1012 is connected to a router 1020. The user devices 1012 and 1014 may be user
computers or hosts. The user device 1016 may be a router, having a VPN service, that connects
toal^lOlS. The router 1020 is^
over the Internet 1030 to another edge device 1040. The edge device 1040 is then connected to
userdevicelW^auser^^^
edge device has a Network Side (NS) connecting the edge device to the Internet 1030 and a
Customer Side (CS) com«^
has CS 1022 and NS 1024. Edge device 1040 has CS 1044 and NS 1042.

For illustration purposes, user device 1012 sends data to user device 1046. User
devices 1012 and 1046 are also called Customer Premises Equipment (CPE). User device 1012
is called the source user device. User device 1046 is called the destination user device. Edge
device 1020 is the source edge device and is the start of the VPN tunnel 1032. Edge device 1040
is the destination edge device and is the end of the VPN tunnel 1032.

Table 2 shows examples of real time variables in the MIBs of sour*
user devices, i.e., customer premise IP assets, that are monitored by the server 712. The port
interface type, e.g., DCE or RS-232, information is required when the user device is a Customer
Premises Equipment (CPE) router, and when a carrier class managed VPN service is provided to
the CPE router by a service provider. There are various business uses of this type of information.
Marketing of a service provider uses the information for forecasting to equipment vendors and
pricing. Sales of a service p^
upgrade. And the customer uses this information internally for determining cost of any upgrades.




WO 03/073313 

PCT/US03/0593S

Table 2 Customer Premise IP Asset Performance

Variable: Device Port CS Interface Type
  Information Source: Poll Source User Device
  Method of Retrieval: RFC 1213 MIB
  Calculation Method: Query Database, after auto-discovery gets this data from ifType in RFC MIB and
    stores into Asset Database

Variable: Destination User Device Port CS Interface Type
  Information Source: Poll Destination User Device
  Method of Retrieval: RFC 1213 MIB
  Calculation Method: Query Database, after auto-discovery gets this data from ifType in RFC MIB and
    stores into Asset Database

Table 3 shows examples of real time van*™** ^ ^
■Wi.BIO-lBW*. These relate to the Source Edge IP Asset, i.e., router
1020 performs. Th™--*.^^^""^^* ^"'■'^
«. ktate include: for MM* port numbers, the s«vi« t*** «— -
Mt « usage by location and performs equipment forecasting and ordering; fbrtn. M
plMnia g & meri^ of the service provider identifies network asset uutobcn. used in
dimensioning networks, and the customer can view real time VPN CoS throughput information;
and for CPU and memory utilization, marketing of the service provider can determine asset
utilization.

Table 3 Source Edge IP Asset Performance

Variable: Source Edge Device CS Available Port #'s
  Information Source: Source Edge Device
  Method of Retrieval: RFC 1213 MIB
  Calculation Method: Query Database, after auto-discovery gets this data from ifTable in RFC MIB
    and stores into Asset Database

Variable: Source Edge Device NS Available Port #'s
  Information Source: Source Edge Device
  Method of Retrieval: RFC 1213 MIB
  Calculation Method: Query Database, after auto-discovery gets that data from ifTable in RFC MIB
    and stores into Asset Database

Variable: Source Edge Device CS Port Bit Rate IN
  Information Source: Source Edge Device
  Method of Retrieval: RFC 1213 MIB
  Calculation Method: BitRateIn = (Delta ifInOctets x 8) / (Delta # of seconds x 1000)

Variable: Source Edge Device CS Port Bit Rate OUT
  Information Source: Source Edge Device
  Method of Retrieval: RFC 1213 MIB
  Calculation Method: BitRateOut = (Delta ifOutOctets x 8) / (Delta # of seconds x 1000)

Variable: Source Edge Device CS Port Average Bit Rate
  Information Source: Source Edge Device
  Method of Retrieval: RFC 1213 MIB
  Calculation Method: AverageBitRate = ((Delta ifInOctets + Delta ifOutOctets) * 8) / (Delta # of
    seconds x 1000)

Variable: Source Edge Device CPU Utilization
  Information Source: Source Edge Device
  Method of Retrieval: Process MIB
  Calculation Method: When the Cisco IOS software version is below 12.0(3)T: busyPer is from the
    OLD-CISCO-SYS MIB; or when the Cisco IOS software version is 12.0(3)T or above:
    cpmCPUTotal5sec is from the CISCO-PROCESS MIB

Variable: Source Edge Device Memory Utilization
  Information Source: Source Edge device
  Method of Retrieval: Chassis MIB
  Calculation Method: When the Cisco IOS software version is 1.1 or below: Utilization =
    (processorRam - freeMem / processorRam) x 100. freeMem is from the OLD-CISCO-SYS MIB.
    processorRam is from the OLD-CISCO-CHASSIS MIB; or when the Cisco IOS software version is
    greater than 11.1: Utilization = (ciscoMemoryPoolUsed / (ciscoMemoryPoolUsed +
    ciscoMemoryPoolFree)) x 100. ciscoMemoryPoolUsed is from the CISCO-MEMORY-POOL MIB.
    ciscoMemoryPoolFree is from the CISCO-MEMORY-POOL MIB.
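
The bit-rate and memory formulas of Table 3, worked through on two consecutive polls as an added example (not code from the patent). It also covers the 32-bit counter wrap that the Delta terms have to survive and the bandwidth notification rule described for cell 420; the names, the port-speed sanity check (if_speed_bps) and the sample counter values are assumptions constructed here.

```python
"""Table 3 bit-rate and memory formulas applied to two consecutive polls.

Added illustration: PortSample, the function names and the sample counter
values are constructed for this example; no SNMP traffic is sent.
"""
from dataclasses import dataclass
from typing import Optional

COUNTER32_MODULUS = 2 ** 32  # RFC 1213 octet counters are 32 bits and wrap to 0


@dataclass(frozen=True)
class PortSample:
    """One poll of a port: time in seconds plus ifInOctets / ifOutOctets."""
    timestamp_s: float
    if_in_octets: int
    if_out_octets: int


def counter_delta(previous: int, current: int) -> int:
    """Octets counted between two polls, allowing for one counter wrap."""
    return (current - previous) % COUNTER32_MODULUS


def bit_rates_kbps(prev: PortSample, curr: PortSample,
                   if_speed_bps: int) -> Optional[dict]:
    """BitRateIn, BitRateOut and AverageBitRate as defined in Table 3.

    Returns None when a rate exceeds the port speed (assumed check): the
    counters were then most likely reset, for example by a reboot, rather
    than wrapped, and the interval cannot be trusted.
    """
    seconds = curr.timestamp_s - prev.timestamp_s
    if seconds <= 0:
        raise ValueError("polls must be in increasing time order")
    d_in = counter_delta(prev.if_in_octets, curr.if_in_octets)
    d_out = counter_delta(prev.if_out_octets, curr.if_out_octets)
    rate_in = (d_in * 8) / (seconds * 1000)
    rate_out = (d_out * 8) / (seconds * 1000)
    limit_kbps = if_speed_bps / 1000
    if rate_in > limit_kbps or rate_out > limit_kbps:
        return None
    return {
        "BitRateIn": rate_in,
        "BitRateOut": rate_out,
        "AverageBitRate": ((d_in + d_out) * 8) / (seconds * 1000),
    }


def memory_utilization_pct(pool_used: int, pool_free: int) -> float:
    """Utilization from ciscoMemoryPoolUsed and ciscoMemoryPoolFree."""
    total = pool_used + pool_free
    if total == 0:
        raise ValueError("memory pool reports no capacity")
    return pool_used / total * 100


def near_subscribed_bandwidth(current_kbps: float, subscribed_bps: int,
                              margin_kbps: float) -> bool:
    """Business action trigger: bit rate within margin of the subscription."""
    return current_kbps >= subscribed_bps / 1000 - margin_kbps


# Constructed polls 60 s apart; ifInOctets wraps past 2**32 between them.
POLL_1 = PortSample(0.0, 4_294_000_000, 1_000)
POLL_2 = PortSample(60.0, 1_693_404, 751_000)
# Constructed poll after a counter reset: the apparent out rate is impossible.
POLL_RESET = PortSample(60.0, 500, 200)

if __name__ == "__main__":
    rates = bit_rates_kbps(POLL_1, POLL_2, if_speed_bps=1_540_000)
    print(rates)
    print(near_subscribed_bandwidth(rates["BitRateIn"], 1_540_000, 200.0))
    print(bit_rates_kbps(POLL_1, POLL_RESET, if_speed_bps=1_540_000))
    print(memory_utilization_pct(30_000_000, 10_000_000))
```

A reset that happens while a counter sits just below 2**32 looks like an ordinary wrap on that counter, so the check relies on at least one of the two directions producing an impossible rate.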



Table 4 shows examples of real time IP & VPN performance variables used for the
tunnel 1032 between the source edge device 1020 and the destination edge device 1040. Some
of the real time variables in Table 4 such as "One Way Delay," and "One Way Jitter," can be
accumulated to form averages which can be either an average over a fixed time interval, e.g.,
hourly, daily, weekly, or/and monthly or an average using a moving window, e.g., that adds the
new measurement to a weighted value of the past measurements. Business uses of this information
include: sales of the service provider uses the information for negotiating SLA with customers
(End Customers, Peer ISP's, Peer Backbone Providers, Wireless Service Providers, ASPs);
marketing people of the service provider can perform pricing and product management (Class of
Service, i.e., CoS classification), and cost and revenue implications on business; sales people of
the service provider can provide a normalized comparative graphical view to the customer of the
competitors' pricing (CoS tier pricing is also mapped on the same graph), and they can show the
need for a CoS upgrade. The customer can view real time VPN performance, SLA compliance,
and service differentiation by different service providers.



Table 4 IP & VPN Network Performance

Variable | Information Source | Method of Retrieval | Calculation Method

One Way Packet Loss | Source & Destination Edge Device | RTTMON MIB | From CISCO-RTTMON MIB: ForwardPacketLoss = (rttMonJitterStatsPacketLossSD / (rttMonJitterStatsPacketLossSD + rttMonJitterStatsNumOfRTT)); BackwardPacketLoss = (rttMonJitterStatsPacketLossDS / (rttMonJitterStatsPacketLossDS + rttMonJitterStatsNumOfRTT))

Delay | Source & Destination Edge Device | RTTMON MIB (or alternatively ICMP Probe method) | From CISCO-RTTMON-MIB: Delay = rttMonLatestRttOperCompletionTime; (or alternatively send an ICMP probe request packet from Originating to Termination router at time T1 and record the destination time T2. Then (T1-T2) will be the total One Way delay adjusted with the time difference between the Originating and Destination Clocks. Information is contained in the RTT MIB in Edge Router)

One Way Jitter | Source & Destination Edge Device | RTTMON-MIB | Real Time Variance of Delay from Mean Delay. From CISCO-RTTMON-MIB: ForwardJitter = (rttMonJitterStatsSumOfPositiveSD + rttMonJitterStatsSumOfNegativeSD) / (rttMonJitterStatsNumOfPositiveSD + rttMonJitterStatsNumOfNegativesSD); BackwardJitter = (rttMonJitterStatsSumOfPositiveDS + rttMonJitterStatsSumOfNegativeDS) / (rttMonJitterStatsNumOfPositiveDS + rttMonJitterStatsNumOfNegativesDS)

Average Bandwidth Utilization | History | RFC 1213 MIB | At END1 = (max(Delta ifInOctets, Delta ifOutOctets) x 8 x 100) / ((Delta # of seconds) x ifSpeed); At END2 = (max(Delta ifInOctets, Delta ifOutOctets) x 8 x 100) / ((Delta # of seconds) x ifSpeed); AverageBandwidthUtilization = (END1 + END2)/2

Availability | Source & Destination Edge Device | ICMP Method - Pinging from Originating Router to Terminating Router - Interface Group MIB, and others | ((Total # of Pings received)/(Total # of Pings Sent)) * 100 (destination edge device IP address required)



Table 5 shows examples of some of the IPSec VPN real time performance variables
used for the tunnel 1032 between the source edge device 1020 and the destination edge device
1040. IPSec provides a set of security services, e.g., authentication, data confidentiality, used in
the IP transport or IP tunnel modes, e.g., VPN tunnel 1032. As many variables in Table 5 are
similar to the variables in Table 4, they are not repeated in order not to obscure the invention.
Business uses of this information are similar to those listed for Table 4 above, but with a focus on
the security aspects of the tunnel 1032.
Variable | Information Source | Method of Retrieval | Calculation Method

IPSec Tunnel Total Packet Drop | Source & Destination Edge Device | IPSEC-FLOW-MONITOR MIB (or alternatively IPSEC Flow Monitor MIB, Interface Group MIB) | From CISCO-IPSEC-FLOW-MONITOR-MIB: IPSecTunnelPacketDrop = cipSecTunInDropPkts + cipSecTunOutDropPkts + cipSecTunInReplayDropPkts + cipSecTunOutReplayDropPkts (or alternatively ((cipSecTunInDropPkts) - (cipSecTunOutDropPkts)) + ((cipSecTunInReplayDropPkts) - (cipSecTunOutReplayDropPkts)) where cipSecTunInDropPkts and cipSecTunInReplayDropPkts are at the Originating Router and the complements to these MIBs are from the Terminating Router.)

IPSec Tunnel Bandwidth Utilization | Source & Destination Edge Device | IPSec Flow Monitor MIB | From CISCO-IPSEC-FLOW-MONITOR-MIB: Utilization at END1 = (max(Delta cipSecTunInOctets, Delta cipSecTunOutOctets) x 8 x 100) / ((Delta # of seconds) x ifSpeed); Utilization at END2 = (max(Delta cipSecTunInOctets, Delta cipSecTunOutOctets) x 8 x 100) / ((Delta # of seconds) x ifSpeed); BandwidthUtilization = (END1 + END2)/2
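As an added example (not part of the patent text), the following Python code applies the Table 5 tunnel bandwidth-utilization and packet-drop formulas to two successive polls per tunnel end. It goes beyond the tables by taking counter deltas modulo 2^32, so a wrapped counter does not yield a negative rate, and by reporting the drop total per polling interval; the Counter32 width, the poll() helper and all sample values are assumptions constructed for illustration.

```python
# Added example (not from the patent): Table 4/5 calculations from two SNMP polls.
COUNTER32_MOD = 2 ** 32  # assumption: the octet and drop objects are Counter32

def delta(prev, curr, mod=COUNTER32_MOD):
    """Counter difference between two polls, tolerating one wrap-around."""
    return (curr - prev) % mod

def end_utilization(prev, curr, in_key, out_key):
    """(max(Delta in, Delta out) x 8 x 100) / (Delta # of seconds x ifSpeed)."""
    secs = curr["t"] - prev["t"]
    if secs <= 0 or curr["ifSpeed"] <= 0:
        raise ValueError("need increasing timestamps and a non-zero ifSpeed")
    busiest = max(delta(prev[in_key], curr[in_key]),
                  delta(prev[out_key], curr[out_key]))
    return busiest * 8 * 100 / (secs * curr["ifSpeed"])

def tunnel_utilization(end1, end2, in_key="cipSecTunInOctets",
                       out_key="cipSecTunOutOctets"):
    """BandwidthUtilization = (END1 + END2) / 2; each end is a (prev, curr) pair."""
    return (end_utilization(*end1, in_key, out_key)
            + end_utilization(*end2, in_key, out_key)) / 2

# Object names as given in Table 5.
DROP_COUNTERS = ("cipSecTunInDropPkts", "cipSecTunOutDropPkts",
                 "cipSecTunInReplayDropPkts", "cipSecTunOutReplayDropPkts")

def tunnel_packet_drop(prev, curr):
    """Sum of the four Table 5 drop counters, taken as deltas over the interval."""
    return sum(delta(prev[c], curr[c]) for c in DROP_COUNTERS)

def poll(t, in_octets, out_octets, drops=(0, 0, 0, 0), if_speed=1_000_000):
    """Build one constructed poll sample (hypothetical helper, not an SNMP call)."""
    sample = {"t": t, "ifSpeed": if_speed,
              "cipSecTunInOctets": in_octets, "cipSecTunOutOctets": out_octets}
    sample.update(zip(DROP_COUNTERS, drops))
    return sample

# Constructed samples, 60 s apart; END1's inbound counter wraps past 2**32.
END1 = (poll(0, 4_294_667_296, 1_000, (5, 2, 0, 0)),
        poll(60, 450_000, 11_000, (9, 2, 12, 0)))
END2 = (poll(0, 2_000_000, 500_000), poll(60, 3_500_000, 600_000))

if __name__ == "__main__":
    print("utilization %:", tunnel_utilization(END1, END2))
    print("drops this interval:", tunnel_packet_drop(*END1))
```

Passing in_key="ifInOctets" and out_key="ifOutOctets", with samples that carry those keys, gives Table 4's Average Bandwidth Utilization from the same functions.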



While the embodiments described above are for IP and VPN networks, the scope
of the present invention is much broader. For example, the same concepts can be applied to IPX,
Synchronous Optical Network (SONET), Synchronous Digital Hierarchy (SDH), Wavelength
Division Multiplexing (WDM), Wireless network, Fiber Distributed Data Interface (FDDI), TL1
(Transaction Language One), and other network/communication protocols.

Although specific embodiments of the invention have been described, various
modifications, alterations, alternative constructions, and equivalents are also encompassed within
the scope of the invention. The described invention is not restricted to operation within certain
specific data processing environments, but is free to operate within a plurality of data processing
environments. Additionally, although the invention has been described using a particular series of
transactions and steps, it should be apparent to those skilled in the art that the scope of the
invention is not limited to the described series of transactions and steps.

Further, while the invention has been described using a particular combination of
hardware and software, it should be recognized that other combinations of hardware and software
are also within the scope of the invention. The invention may be implemented only in hardware
or only in software or using combinations thereof.

The specification and drawings are, accordingly, to be regarded in an illustrative
rather than a restrictive sense. It will, however, be evident that additions, subtractions, deletions,
and other modifications and changes may be made thereunto without departing from the broader
spirit and scope of the invention as set forth in the claims.
WHAT IS CLAIMED IS:

1. A method for managing a network comprising a network element, said
method comprising:
selecting a real time variable of said network element for dynamic monitoring in a
cell on a spreadsheet;
measuring said real time variable of said network element; and
using said measured real time variable in said cell.

2. The method of claim 1 wherein said real time variable is measured by polling
said network element.

3. The method of claim 1 wherein said using said measured real time variable
includes displaying said measured real time variable in said cell.

4. The method of claim 1 wherein said measured real time variable is displayed
as part of a graph.

5. The method of claim 1 wherein said measured real time variable is stored
in a memory.

6. The method of claim 1 wherein said measured real time variable is sent to
said cell only if said measured real time variable changes.

7. The method of claim 1 wherein said using said measured real time variable
includes triggering a business action, when said measured real time variable satisfies a
predetermined condition.

8. The method of claim 7 wherein said business action includes a selection
from a group consisting of sending an email, sending a phone message, triggering an event in a
workflow process, and any combination thereof.
9. The method of claim 7 wherein said predetermined condition is exceeding
a predetermined threshold.

10. A method for displaying real time data from a network element on a display
at a client computer, said client computer connected to a server via a public communications
network, said method comprising:
displaying on said display a spreadsheet comprising a plurality of cells;
assigning a real time variable to a cell of said plurality of cells, wherein said real
time variable is measured from said network element;
receiving a dynamic update of said real time variable via said server; and
displaying said dynamic update in said spreadsheet.

11. The method of claim 10 wherein network element is part of a Virtual Private
Network (VPN) connection.

12. The method of claim 10 further comprising displaying a graph of historical
values of said real time variable.

13. The method of claim 10 further comprising displaying a status of a network
link associated with said network element.

14. The method of claim 13 wherein said network link is a VPN link.

15. The method of claim 10 wherein said dynamic update is displayed in said
cell on said spreadsheet.

16. The method of claim 10 wherein said dynamic update is combined with
static data before being displayed on said spreadsheet.

17. The method of claim 10 wherein said dynamic update triggers a business
action when a predetermined condition is satisfied.
18. The method of claim 17 wherein said business action includes
a selection from a group consisting of sending an email, sending a phone message, triggering an
event in a workflow process, and any combination thereof.

19. A server system for managing a network device, wherein said server system
is connected to a client computer executing software in an Internet browser, said software stored
in a computer readable medium, said server system comprising:
a network interface for receiving from said software a request to monitor a
measurable variable of said network element;
a data monitor module for periodically monitoring said measurable variable; and
a live update module for sending changes to said measurable variable to said
software.

20. The server system of claim 19 wherein said periodically monitoring said
measurable variable comprises polling a MIB of said network element using SNMP.

21. The server system of claim 19 wherein said software comprises a
spreadsheet program.

22. The server system of claim 19 wherein said network element is part of a
VPN.

23. The server system of claim 19 further comprising an asset database.

24. The server system of claim 23 wherein said network element is associated
with an asset object of said asset database.

25. The server system of claim 23 wherein said asset database is an object
oriented database, relational database, or a combination thereof.
26. A memory for storing data for access by an application program being
executed on a computer, comprising:
a data structure stored in said memory, said data structure comprising a plurality
of data objects for use by said application program, said plurality of data objects comprising:
an asset data object comprising a physical or logical asset;
a profile associated with said asset data object for des^ 

asset; and 

a value comprising a measured value of said asset data object for dynamically 
updating said value to said application program. 

27. The memory of claim 26 wherein said logical asset is a device selected from
a group consisting of a router, switch, hub, host, server, personal computer, and gateway.

28. The memory of claim 26 wherein said application program is a spreadsheet
program.

29. A method for dynamically managing a network using business information,
said network comprising a network device, comprising:
selecting a real time variable to be dynamically monitored based on a legal
agreement;
measuring said real time variable using said network element; and
using said measured real time variable, determining if a condition in said legal
agreement is met.

30. The method of claim 29 wherein said legal agreement is a Service Level 
Agreement (SLA). 

31. The method of claim 29 wherein said network is a VPN. 

32. A method, using a computer display, for a dynamic sales presentation of a
network, comprising:
presenting said dynamic sales presentation on said computer display to a customer,
said dynamic sales presentation comprising a real time variable of said network;
during said presenting, updating said real time variable by measuring a network
element of said network; and
displaying said updated real time variable to said customer.

33. The method of claim 32 wherein said network is a VPN.

34. The method of claim 32 further comprising relating said updated real time
variable to cost information.

35. A system for managing a network comprising a network element,
comprising:
means for selecting a real time variable of said network element, wherein said real
time variable is dynamically monitored in a cell on a spreadsheet;
means for measuring said real time variable of said network element; and
means for using said measured real time variable in said cell.